#ifndef _TYPES_H_
#define _TYPES_H_
#include "asn1.h"
#include <stddef.h>
#include <stdint.h>
#include <time.h>
#include <openssl/ssl.h>
/*
 * Sizes of the fixed-length buffers used by the structs below. Every string
 * field in this header is a fixed-size array, so whatever fills them must use a
 * bounded copy (snprintf-style) and check for truncation; none of that code is
 * in this file.
 *
 * NOTE(review): the include guard _TYPES_H_ (above) starts with an underscore
 * followed by an uppercase letter, and the struct tags _server_t_,
 * _epoll_client_t_ and _epoll_server_t_ start with an underscore at file scope;
 * C11 7.1.3 reserves both forms for the implementation. Harmless in practice,
 * but TYPES_H / server_t_ style names would be strictly conforming.
 */
#define ADDRLEN 40 // server_t.addr
#define BINDLEN 250 // server_t.bind and epoll_server_t.bindBuffer
#define PWLEN 40 // server_t.password
#define BASELEN 250 // server_t.base
#define SIDLEN 28 // server_t.sid
#define MOUNTLEN 100 // server_t.homeTemplate
#define FINGERPRINTLEN 20 // server_t.fingerprint (20 bytes; presumably a SHA-1 digest — confirm)
#define MAXPATH 200 // server_t.cabundle
#define REQLEN 4000 // epoll_client_t.readBuffer; a client request larger than this is not supported
#define MAXMSGLEN 500000 // epoll_server_t.readBuffer; note this is embedded in every server_t
/* Boolean helpers. BOOL is a plain macro over uint8_t (the C99 equivalent would be <stdbool.h> bool). */
#define BOOL uint8_t
#define TRUE (1)
#define FALSE (0)
/* Forward declarations so the structs below can point at each other. */
typedef struct _server_t_ server_t;
typedef struct _epoll_client_t_ epoll_client_t;
typedef struct _epoll_server_t_ epoll_server_t;
/**
 * General epoll struct, to be implemented by every epoll struct.
 *
 * epoll_listen_t, epoll_client_t and epoll_server_t all start with exactly
 * these two members, so the dispatcher (not in this file) presumably treats any
 * of them as an epoll_item_t to find the callback and the fd.
 *
 * NOTE(review): keep callback and fd first, in this order and with these
 * types, in every variant — the prefix trick silently breaks otherwise. Strictly
 * the standard only guarantees common-initial-sequence access through a union
 * of the struct types; reading through a cast relies on compiler behaviour.
 */
typedef struct {
// Invoked when the fd becomes ready. data: presumably the concrete epoll struct
// itself; haveIn/haveOut: readiness flags; doCleanup: tear-down request — confirm
// against the callers.
void (*callback)(void *data, int haveIn, int haveOut, int doCleanup);
int fd; // The socket registered with epoll
} epoll_item_t;
/**
 * epoll struct for listening sockets.
 *
 * Shares the epoll_item_t prefix (callback, fd); members after the "//" line
 * are specific to a listener.
 */
typedef struct {
void (*callback)(void *data, int haveIn, int haveOut, int doCleanup);
int fd;
//
SSL_CTX *sslContext; // Listening for SSL connections, NULL otherwise (plain socket)
} epoll_listen_t;
/**
 * epoll struct for a client we're serving.
 *
 * Shares the epoll_item_t prefix (callback, fd). Holds the per-connection
 * state for one LDAP client: outgoing buffer, optional TLS object, and the
 * fixed-size buffer the client's request is read into.
 */
struct _epoll_client_t_ {
void (*callback)(void *data, int haveIn, int haveOut, int doCleanup);
int fd;
//
BOOL bound; // Client did successful ldap bind
BOOL sslAccepted; // SSL_accept done?
BOOL kill; // Should the connection be killed?
BOOL writeBlocked; // An SSL_write returned WANT_*, so we must not reallocate the current send buffer
// Send buffer (me to client)
// sbPos/sbFill/sbLen: presumably bytes already sent, bytes queued, and allocated
// size of sendBuffer — confirm against the writer code.
size_t sbPos, sbFill, sbLen;
SSL *ssl; // NULL if not encrypted
char *sendBuffer; // Dynamically allocated, might or might not get huge
epoll_server_t *fixedServer; // If client performed explicit bind, tie to server connection
// Recv buffer (client's request)
size_t rbPos; // Bytes of readBuffer currently in use
// Static, queries > 4000 bytes simply not supported.
// NOTE(review): every append must check rbPos against REQLEN first; a request
// that does not fit must be rejected, not truncated and parsed. The read code is
// not in this file.
char readBuffer[REQLEN];
};
/**
 * epoll struct for a connection to AD.
 *
 * Shares the epoll_item_t prefix (callback, fd). One instance is embedded in
 * every server_t (member con); the dynamic flag suggests further instances are
 * created on demand — confirm.
 *
 * NOTE(review): readBuffer is MAXMSGLEN (500000) bytes inline, so this struct
 * and everything that embeds it (server_t) is ~500 KB; allocate such objects
 * statically or on the heap, never as stack locals.
 */
struct _epoll_server_t_ {
void (*callback)(void *data, int haveIn, int haveOut, int doCleanup);
int fd;
//
// Send buffer (me to server)
// sbPos/sbFill/sbLen: presumably bytes already sent, bytes queued, and allocated
// size of sendBuffer — confirm against the writer code.
size_t sbPos, sbFill, sbLen;
SSL *ssl; // NULL if not encrypted
char *sendBuffer; // Dynamically allocated, might or might not get huge
char bindBuffer[BINDLEN]; // Used for the bind request. We need this to prevent sending any requests before the server acknowledged the bind request
// Length of buffered bind request.
// NOTE(review): signed int while the other buffer lengths are size_t; whoever
// fills bindBuffer must keep 0 <= bindLen <= BINDLEN.
int bindLen;
epoll_client_t *fixedClient; // If client performed explicit bind, this is the client belonging to this connection
// Recv buffer (server's response)
size_t rbPos; // Bytes of readBuffer currently in use; must stay <= MAXMSGLEN
char readBuffer[MAXMSGLEN]; // Fixed-size; a response larger than MAXMSGLEN cannot be received
BOOL bound; // Already bound to server?
BOOL dynamic; // Presumably TRUE for connections created on demand rather than the fixed server_t.con — confirm
BOOL sslConnected; // SSL_connect done?
uint32_t startTlsId; // Whether STARTTLS request was already sent (>0); presumably holds that request's message id — confirm
BOOL kill; // Should the connection be killed?
BOOL writeBlocked; // An SSL_write returned WANT_*, so we must not reallocate the current send buffer
time_t lastActive; // Time of last traffic on this connection; presumably used for idle timeouts — confirm
server_t *serverData; // Back-pointer to the server_t configuration this connection belongs to
};
/**
 * Struct for mapping attribute names/values
 *
 * Each member holds the attribute name (or value) the proxied directory uses
 * for the corresponding LDAP concept; the comments give the AD name. The
 * `struct string` type is not defined in this header — presumably it comes
 * from asn1.h (included above).
 */
typedef struct {
struct string uid; // AD: sAMAccountName
struct string homemount; // AD: homeDirectory
struct string localhome; // AD: none, LDAP: homeDirectory
struct string posixAccount; // AD: user
struct string shadowAccount; // AD: user
struct string uidnumber; // AD: objectSid
} attr_map_t;
struct hashmap; // Opaque; defined elsewhere
/**
 * Bidirectional account-name <-> uid-number mapping, kept when
 * server_t.genUidNumber is set (the lookup code is not in this file).
 */
struct uidmap {
const char *fileName; // Presumably the file the mapping is persisted to; ownership of the string is not visible here — confirm
struct hashmap *nameToNum; // Account name -> uid number
struct hashmap *numToName; // uid number -> account name
};
/**
 * Configuration data for an ADS we're proxying.
 *
 * Holds the static connection settings (address, bind credentials, search
 * base, TLS verification data) plus the runtime objects tied to this server:
 * its SSL context, the embedded connection `con` (which makes this struct
 * ~500 KB, see epoll_server_t) and the attribute/uid maps.
 */
struct _server_t_ {
size_t baseLen; // Length of base; presumably cached strlen — confirm
char ip[4]; // 4 bytes: room for an IPv4 address only (presumably network byte order) — confirm
time_t lastLookup; // Presumably when addr was last resolved into ip — confirm
char addr[ADDRLEN]; // Server address as configured (hostname or IP text)
char bind[BINDLEN]; // Bind DN used to authenticate to the server
// Bind password, held in plain text in process memory.
// NOTE(review): if a server_t is ever freed, reloaded or copied, wipe this
// field with explicit_bzero()/memset_s() — a plain memset before free may be
// optimised away. Also keep in mind it ends up in core dumps.
char password[PWLEN];
char base[BASELEN]; // Search base DN
char sid[SIDLEN]; // Domain SID text; related to the objectSid -> uidNumber mapping in attr_map_t — confirm
char homeTemplate[MOUNTLEN]; // Template for the home directory attribute
unsigned char fingerprint[FINGERPRINTLEN]; // 20 raw bytes; presumably the pinned server certificate fingerprint (SHA-1 length) — confirm how it is checked
char cabundle[MAXPATH]; // Path to the CA bundle; presumably loaded into sslContext for verification — confirm
BOOL plainLdap; // Presumably: talk plain LDAP without TLS — confirm
BOOL fixNumeric; // prefix numeric account names with an 's'
BOOL genUidNumber; // generate uidNumber attribute locally (and keep track)
BOOL useStartTls; // Establish plain connection, then upgrade via STARTTLS
uint16_t port; // Server port
SSL_CTX *sslContext; // Client-side TLS context for connections to this server
epoll_server_t con; // The fixed connection to this server (embedded, not a pointer)
attr_map_t map; // Attribute name mapping for this server
struct uidmap uidmap; // Local uid number mapping, used when genUidNumber is set
};
#endif